[ previous ] [ next ] [ threads ]
 
 From:  Jeff Buehler <jeff at buehlertech dot com>
 To:  aaronc at morad dot ab dot ca
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Version 1.22 freeze
 Date:  Thu, 29 Jun 2006 09:44:00 -0700 
Aaron -

It sounds like you are using unnecessarily new and powerful hardware to 
handle m0n0wall.   I have four different 1.22 versions running on three 
different types of hardware for 50+ person corporations as IPSEC VPN's 
and firewalls, with no problems and no freezes in over 6 months 
(upgraded from 1.21 when 1.22 came out - I don't think there has even 
been a single reboot since then on any of these m0n0walls).  In these 
cases one system is a Athlon 1200 and the other is a Duron 1800.  Both 
main boards are "new" for being old technology, and neither CPU ever 
gets up over 1% or 2% usage, so these systems are overkill.  They are 
running on USB flash drives and each has 256 meg RAM (because I couldn't 
find 128 meg chips new!).

Why run m0n0wall on new Poweredge hardware?  I would actually expect 
more problems from new server-specific hardware than I would from older 
hardware, as FreeBSD (and Linux!) takes some time to stabilize drivers.  
In case this helps, from Newegg the *Foxconn K7S741GXMG-6L Socket A 
(Socket 462) SiS 741GX Micro ATX AMD Motherboard *for something like 50 
bucks and a Duron 1800 for maybe 70 bucks.  These are WAY more than 
enough to handle a large corporation, at least in my experience, and I 
have had not as single freeze.

Good luck with it!

Jeff

Lee Sharp wrote:
> From: "Aaron Cherman" <aaronc at morad dot ab dot ca>
>
>>> For all following this thread, I have just finished a fresh install 
>>> and config of m0n0 1.22 on one of three new Dell PowerEdge 1850 
>>> servers, running off of a USB flash drive.  I plan on putting this 
>>> unit into production tomorrow afternoon.  I will let you know how it 
>>> goes.
>
>> And the saga continues...  I didn't have chance yesterday to make the 
>> change to the Dell server so I let things run and was going to make 
>> the change today.  After just over 9 days uptime the existing box 
>> locked up last night at 12:26 am.  By the time I got the alarm, got 
>> to the office and got everything changed over, we were back up and 
>> running on the new server at 12:55 am.  At 8:06 am today, the Dell 
>> server locks up.  If I do the math right that's 7:11 of uptime.  
>> Again, this config is one built from scratch on 1.22, brand new 
>> server out of the box.  This now makes (I think) 6 different hardware 
>> platforms I've tried (all of which work great in my other m0n0 
>> apps).  None of these hardware platforms have shared ANY of the same 
>> components, they are all unique.
>
> I feel your pain.  How about this...  You have plenty of hardware, so 
> set up a m0n0wall in front of your m0n0wall.  Have it do nothing.  (No 
> VPN, traffic shaping...  Just basic firewall, routing/NAT and 
> forwarding)  Put all the heaving lifting on the inside firewall.  See 
> what crashes.  Move apps from inside to outside, and see when the 
> crash moves.  If you end up with everything on the outside firewall, 
> it is some internal "poison packet" killing you.  If it dies with 
> nothing, it is an external "poison packet."
>
>                                    Lee
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>